Oval Definition:oval:com.ubuntu.bionic:def:20190187000
Revision Date:2019-03-06Version:1
Title:CVE-2019-0187 on Ubuntu 18.04 LTS (bionic) - medium.
Description:Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed mode. Note that versions before 4.0 are not able to encrypt traffic between the nodes, nor authenticate the participating nodes so upgrade to JMeter 5.1 is also advised.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-0187
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND The vulnerability of the 'jakarta-jmeter' package in bionic is not known (status: 'needs-triage'). It is pending evaluation.
  • BACK